RE: [Zope-dev] Owner Role and ZCatalog
Thanks Brian!
This is terrific. I tried yesterday to test to see if the owner role was working in Zope 2, and I wasn't having any luck. I tried the: <!--#with myobject--> <!--#if "AUTHENTICATED_USER.has_role('Owner')"--> foo <!--#/if--> <!--#/with-->
And no matter who had created the object I got back foo for the Users with the manager role, and nothing for everyone else.
Jason
Yes - note that "local roles" are just that - local to a particular object. The has_role method of the User objects can take an optional second argument, which is the object to be used as context for determining if the User has the given role. If the second argument is passed, has_role will take local roles into account - otherwise it will only look through the roles actually assigned to the User itself. If you try: <!--#with myobject--> <!--#if "AUTHENTICATED_USER.has_role('Owner', this())"--> foo <!--#/if--> <!--#/with--> ...then you should get the right answer. This is something that needs to go into the API documentation for 2.0. Along these same lines, if you ever use the getRoles method of User objects, note that this will only give you the roles actually assigned to the User. To get the list of the roles of a user taking into account the local roles of an object, you can call: AUTHENTICATED_USER.getRolesInContext(object) Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
Oooooo. Nice stuff. The permissions and Roles are a hairy beast to get a hold of. I have Users, and Groups, and Assistants who can act just like the Manager in a certain context. Is there any definitive place to get an example of harnessing the true power of Zope's Roles and permissions? Right now for a group, I have a 'Group_1' role, and that group has a Group_Manager. But I have now way of tying the two together except for <!--#if "AUTHENTICATED_USER.has_role('Group_Manager') and AUTHENTICATED_USER.has_role('Group_1')"--> then tie that into whether or not htey are the owner, and account for the assistant. Whew! Any help in implementing this would be helpful. Thanks a bunch! Jason Brian Lloyd wrote:
Thanks Brian!
This is terrific. I tried yesterday to test to see if the owner role was working in Zope 2, and I wasn't having any luck. I tried the: <!--#with myobject--> <!--#if "AUTHENTICATED_USER.has_role('Owner')"--> foo <!--#/if--> <!--#/with-->
And no matter who had created the object I got back foo for the Users with the manager role, and nothing for everyone else.
Jason
Yes - note that "local roles" are just that - local to a particular object. The has_role method of the User objects can take an optional second argument, which is the object to be used as context for determining if the User has the given role. If the second argument is passed, has_role will take local roles into account - otherwise it will only look through the roles actually assigned to the User itself.
If you try:
<!--#with myobject--> <!--#if "AUTHENTICATED_USER.has_role('Owner', this())"--> foo <!--#/if--> <!--#/with-->
...then you should get the right answer. This is something that needs to go into the API documentation for 2.0. Along these same lines, if you ever use the getRoles method of User objects, note that this will only give you the roles actually assigned to the User. To get the list of the roles of a user taking into account the local roles of an object, you can call:
AUTHENTICATED_USER.getRolesInContext(object)
Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
Zopists Has anyone had luck implementing a ZClass based on the User object, and creating a User folder that contains them? I'm trying and not getting anywhere. Basically I would like to have User objects that have other properties besides just password, roles, domain. I don't really want to write the python based on the BasicUser object, but if that's the only way I'd like to know. All my best, Jason Brian Lloyd wrote:
Thanks Brian!
This is terrific. I tried yesterday to test to see if the owner role was working in Zope 2, and I wasn't having any luck. I tried the: <!--#with myobject--> <!--#if "AUTHENTICATED_USER.has_role('Owner')"--> foo <!--#/if--> <!--#/with-->
And no matter who had created the object I got back foo for the Users with the manager role, and nothing for everyone else.
Jason
Yes - note that "local roles" are just that - local to a particular object. The has_role method of the User objects can take an optional second argument, which is the object to be used as context for determining if the User has the given role. If the second argument is passed, has_role will take local roles into account - otherwise it will only look through the roles actually assigned to the User itself.
If you try:
<!--#with myobject--> <!--#if "AUTHENTICATED_USER.has_role('Owner', this())"--> foo <!--#/if--> <!--#/with-->
...then you should get the right answer. This is something that needs to go into the API documentation for 2.0. Along these same lines, if you ever use the getRoles method of User objects, note that this will only give you the roles actually assigned to the User. To get the list of the roles of a user taking into account the local roles of an object, you can call:
AUTHENTICATED_USER.getRolesInContext(object)
Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
participants (2)
-
Brian Lloyd -
Jason Spisak